A method and system are disclosed for generating and using a virus-free file certificate. The method, for use in a virus-free certificate authority (102), includes the steps of: receiving (300) a virus-free certificate request for a file from a server (101) or a client (100) system; determining (301) whether the file is virus-free or not; if the file is declared virus-free by the virus-free certificate authority (102): generating (303, 304) a virus-free certificate (200) including a file signature (207) for certifying that said file is declared virus-free by the virus-free certificate authority (102); sending (306) back in response to the virus-free certificate request the virus-free certificate (200). The method, for use in a server (101) or client (100) system, includes the steps of: determining (400) whether a virus-free certificate (200) is associated with a file; if a virus-free certificate is associated with the file: authenticating (404) the virus-free certificate (200), said virus-free certificate including a certificate signature (206); authenticating (407) the file, said virus-free certificate (200) including a file signature (207), said file signature certifying that said file has been declared virus-free by a virus-free certificate authority (102).
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method, for use in a virus-free certificate authority, of generating a virus-free certificate certifying that a file is virus-free comprising the steps of: receiving a virus-free certificate request for a file from a system; the virus-free certificate request comprising a list of one or a plurality of anti-virus programs to be executed on the file by the certificate authority to determine whether the file is virus-free or not; determining whether the file is virus-free or not; if the file is declared virus-free by the virus-free certificate authority: generating a virus-free certificate comprising a file signature for certifying that said file is declared virus-free by the virus-free certificate authority; and sending back in response to the virus-free certificate request the virus-free certificate.
2. The method according to claim 1 wherein the virus-free certificate request comprises: a file for which a virus-free certificate is requested.
3. The method according to claim 1 wherein said step of determining whether the file is virus-free or not comprises the further step of: executing one or a plurality of anti-virus programs on said file for detecting viruses.
4. The method according to claim 1 wherein the virus-free certificate further comprises: a list of the one or plurality of anti-virus programs that have been executed on the file.
5. The method according to claim 1 wherein the virus-free certificate further comprises: a file identification; a virus-free certificate authority identification; a public key for decrypting the file signature; a certificate signature for authenticating the virus-free certificate; and an indication of the virus-free certificate validity.
6. The method according to claim 1 comprising the further steps of: identifying the system where the file and associated virus-free certificate are stored; and downloading updates of the virus-free certificate.
7. The method according to claim 1 wherein the step of generating a file signature comprises the further steps of: hashing the file to generate a file digest; and encrypting the file digest using a private key.
8. A system implementing a virus-free certificate authority, said system comprises a processor that executes a program for implementing a method having steps of: receiving a virus-free certificate request for a file from a system; the virus-free certificate request comprising a list of one or a plurality of anti-virus programs to be executed on the file by the certificate authority to determine whether the file is virus-free or not; determining whether the file is virus-free or not; if the file is declared virus-free by the virus-free certificate authority: generating a virus-free certificate comprising a file signature for certifying that said file is declared virus-free by the virus-free certificate authority; and sending back in response to the virus-free certificate request the virus-free certificate.
9. A computer program recorded on a computer-readable medium and comprising instructions for executing a method having the steps of: receiving a virus-free certificate request for a file from a system; the virus-free certificate request comprising a list of one or a plurality of anti-virus programs to be executed on the file by the certificate authority to determine whether the file is virus-free or not; determining whether the file is virus-free or not; if the file is declared virus-free by the virus-free certificate authority: generating a virus-free certificate comprising a file signature for certifying that said file is declared virus-free by the virus-free certificate authority; and sending back in response to the virus-free certificate request the virus-free certificate.
10. A method, for use in a server or client system, of determining that a file is virus-free comprising the steps of: determining whether a virus-free certificate is associated with a file; if a virus-free certificate is associated with the file: authenticating the virus-free certificate, said virus-free certificate comprising a certificate signature; authenticating the file, said virus-free certificate comprising a file signature, said file signature certifying that said file has been declared virus-free by a virus-free certificate authority; and checking the one or plurality of anti-virus programs used to build the virus-free certificate according to one or a plurality of predefined rules.
11. The method according to claim 10 wherein said step of authenticating the file comprises the further steps of: decrypting the file signature using a public key comprised in the virus-free certificate; hashing the file to generate a file digest; and comparing the decrypted file signature with the generated file digest.
12. The method according to claim 10 wherein the step of authenticating the virus-free certificate comprises the further step of: validating the virus-free certificate.
13. The method according to claim 12 wherein the step of validating the virus-free certificate comprises the further step of: determining whether the virus-free certificate is valid or not; if the virus-free certificate is not valid: requesting a virus-free certificate update or an updated virus-free certificate update to a virus-free certificate authority.
14. The method according to claim 10 wherein the virus-free certificate further comprises: a file identification; a virus-free certificate authority identification; a public key for decrypting the file signature; and an indication of the virus-free certificate validity.
15. A system having a processor that determines that a file is virus-free, said processor executing a program for implementing a method having steps of: determining whether a virus-free certificate is associated with a file; if a virus-free certificate is associated with the file: authenticating the virus-free certificate, said virus-free certificate comprising a certificate signature; and authenticating the file, said virus-free certificate comprising a file signature, said file signature certifying that said file has been declared virus-free by a virus-free certificate authority; and checking the one or plurality of anti-virus programs used to build the virus-free certificate according to one or a plurality of predefined rules.
16. A computer program recorded on a computer-readable medium comprising instructions for executing a method having steps of: determining whether a virus-free certificate is associated with a file; if a virus-free certificate is associated with the file: authenticating the virus-free certificate, said virus-free certificate comprising a certificate signature; and authenticating the file, said virus-free certificate comprising a file signature, said file signature certifying that said file has been declared virus-free by a virus-free certificate authority; and checking the one or plurality of anti-virus programs used to build the virus-free certificate according to one or a plurality of predefined rules.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
September 19, 2000
August 9, 2005
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.